1. Controller, Data Protection Officer, and Representatives
Data controller: Capsule Zero S.A.S., with registered office in Ciudad Autónoma de Buenos Aires, Argentina. For all data-protection matters, contact privacy@capsulezero.com. Our Data Protection Officer can be reached at dpo@capsulezero.com.
Where required, Capsule Zero appoints local representatives to handle requests from data subjects and supervisory authorities under the EU GDPR (Article 27) and the UK GDPR. The current EU representative and UK representative contact details are published at capsulezero.com/privacy-policy and are also available on request at privacy@capsulezero.com.
2. Scope of This Policy
This Policy applies to the Capsule Zero website, the Capsule Zero web application, our iOS and Android mobile applications, account and authentication flows, wardrobe and capsule tools, photo upload and image-processing flows, marketplace import and semantic search, the shared catalog, paid coin features, support channels, analytics, and product communications.
This Policy does not replace the privacy notices of third-party services that you access from Capsule Zero, including third-party stores, marketplaces, social-login providers, payment providers, app stores, analytics providers, customer-support providers, and image-processing providers. Each of those services has its own privacy notice that you should review.
3. Personal Data We Collect
| Category | Examples |
|---|---|
| Account and identity data | Name, email, password authentication data (hashed), account ID, language, country, city, login state, recovery and security events, social-login identifiers when you sign in via Google or Apple. |
| Profile and preference data | Avatar, sizes, style preferences, notification settings, security preferences, optional profile fields. |
| Wardrobe and capsule data | Item photos, categories, dominant colors, brands, materials, notes, item statuses (favorites, for sale, for repair, uncapsulated), capsule palettes, generated outfits, OPR scores, and gap suggestions. |
| Upload and image-processing data | Original images, processed images, thumbnails, image-processing status, retry information, file metadata such as size and MIME type. We strip non-essential metadata where reasonable. |
| Marketplace and catalog data | Marketplace URLs you submit, parsed item candidates, source-site metadata, semantic-search queries, and your interactions with the public catalog. |
| Billing and coin data | Coin balance, coin ledger, pack selection, invoice ID, payment status, refund or chargeback status, billing country, tax identifiers where required. Full payment-card numbers are processed by our payment partner and are not stored on Capsule Zero servers. |
| Device and usage data | IP address, device type, operating system, browser, app version, pages viewed, feature usage, performance metrics, error logs, cookies and similar identifiers, local-storage entries, approximate region inferred from IP, and security events. |
| Communications data | Support messages, feedback, survey responses, legal and privacy requests, and related metadata such as time, channel, and language. |
4. Sensitive Data, Wardrobe Photos, and Biometrics
Capsule Zero is not designed to collect special categories of personal data within the meaning of Article 9 of the EU GDPR (or equivalent local concepts), such as health information, racial or ethnic origin, religious or political views, genetic data, biometric identifiers used to uniquely identify a person, sexual orientation, or trade-union membership. Please do not upload such information.
Wardrobe photos may incidentally show people, bodies, faces, rooms, or locations. We process those images only to provide the Service to you, including storage, thumbnail generation, item display, background removal, color and category analysis, and optional editorial enhancement. We do not intentionally identify individuals, do not create biometric templates, do not run facial-recognition, and do not use wardrobe photos for advertising profiling.
We also do not knowingly collect personal data from children below the applicable digital-consent age (see Section 17).
5. Sources of Personal Data
- Directly from you, when you create an account, upload photos, fill in profile fields, import marketplace links, search the catalog, buy coins, or contact support.
- Automatically, from your browser, device, app, cookies, local storage, and our server-side logs.
- From service providers, including payment providers, marketplace-parsing tools, authentication providers, app stores, image-processing providers, analytics providers, and customer-support providers.
- From other users, only where they interact with you through shared features (for example, where a user submits an item to the shared catalog that you later interact with).
6. Purposes, Legal Bases, and Necessity
| Purpose | Data used | Lawful basis (EU/UK GDPR equivalents) |
|---|---|---|
| Provide accounts, authentication, sessions, and recovery | Account, login, session, recovery, profile, device data | Performance of contract (Art. 6(1)(b) GDPR); legal obligations (Art. 6(1)(c)); legitimate interests in security (Art. 6(1)(f)) |
| Operate wardrobe, capsule, upload, semantic search, and recommendation features | Wardrobe content, photos, item metadata, color data, preferences, search data | Performance of contract; legitimate interests in improving recommendations |
| Process coins, invoices, refunds, fraud and anti-money-laundering checks | Billing, coin ledger, payment status, device and security data, tax identifiers | Performance of contract; legal obligations (tax, accounting, AML); legitimate interests in fraud prevention |
| Provide customer support | Contact data, support messages, account status | Performance of contract; legitimate interests in service quality; consent where required |
| Secure, monitor, debug, and improve the Service | Usage data, logs, error reports, device data, limited analytics | Legitimate interests in security and product quality; consent where required |
| Product communications and marketing | Email, preferences, country, usage signals | Consent (for marketing emails where required by law); legitimate interests for transactional and service messages |
| Comply with law, respond to lawful requests, and enforce our rights | Account, billing, logs, communications, content moderation records | Legal obligations; legitimate interests; establishment, exercise, or defense of legal claims |
Where we rely on consent (for example, for non-essential cookies or for marketing emails in jurisdictions that require opt-in), you may withdraw consent at any time without affecting the lawfulness of prior processing. Withdrawing consent may make certain features unavailable.
7. AI, Automated Processing, and Recommendations
We use automated tooling, including AI models, to classify items, remove backgrounds, generate thumbnails, enhance images, suggest dominant colors, propose outfit combinations, calculate OPR, identify wardrobe gaps, and power semantic search. We refer to these outputs as "AI-Assisted Output".
AI-Assisted Output is advisory. We do not use solely automated processing to make decisions that produce legal effects or similarly significant effects on you within the meaning of Article 22 of the EU GDPR. You can accept, ignore, edit, or replace any recommendation. If an automated content-moderation decision materially affects you, you can request human review by contacting support@capsulezero.com.
Where we use third-party AI or image-processing providers (for example, for background removal, image enhancement, or vector search), we use them under contract and only to provide the Service to you. We do not knowingly allow those providers to use your private wardrobe content to train their general-purpose foundation models. If we change this position, we will update this Policy and obtain consent where required by law.
We design our AI features to align with applicable AI-governance frameworks, including the EU AI Act, by giving you transparency, the ability to override automated suggestions, and clear human points of contact.
8. Subprocessors and How We Share Personal Data
We share personal data only as necessary to operate, secure, support, analyze, improve, and lawfully monetize the Service, or as required by law. The main categories of recipients are listed below. A current list of named subprocessors is available at capsulezero.com/privacy-policy and can also be requested at privacy@capsulezero.com.
| Category of recipient | Examples | Purpose |
|---|---|---|
| Hosting, database, authentication, storage | Hetzner Cloud, Hetzner Object Storage | Application hosting and compute, PostgreSQL database, self-hosted authentication, object storage |
| Payment, billing, fraud, tax | Lava.top and underlying card processors | Coin pack purchases, invoicing, fraud screening, tax remittance |
| Image processing and AI | Background-removal and image-enhancement providers, embedding and vector-search providers | Upload pipeline, image cleanup, semantic search |
| Marketplace parsing | Marketplace adapter providers | Best-effort parsing of product URLs into structured item data |
| Analytics, logging, error monitoring | Privacy-conscious analytics and observability providers | Product analytics, performance monitoring, debugging |
| Customer support and email | Help-desk and transactional-email providers | Support, account notifications, transactional emails |
| Mobile platforms | Apple App Store, Google Play Store | Distribution and basic platform-level telemetry |
| Professional advisors | Auditors, lawyers, accountants, insurers, banks | Compliance, audit, legal advice, tax, banking |
| Authorities | Courts, regulators, law-enforcement | Compliance with valid legal requests, defense of claims |
| Corporate transactions | Successors, financing partners | Merger, acquisition, financing, restructuring, or sale of assets |
We do not sell personal data, and we do not engage in cross-context behavioral advertising as those terms are defined under U.S. state privacy laws. Private wardrobe uploads are not shared with other users unless you explicitly use a sharing or catalog feature.
9. International Transfers and Safeguards
Capsule Zero is designed for global use. Personal data may be processed in countries other than the one where you live, including Argentina (our home jurisdiction), the United States, the European Economic Area, and other countries where our subprocessors operate. Privacy laws in those countries may differ from yours.
Where personal data is transferred outside the EEA, the UK, or another jurisdiction with comparable rules, we use appropriate safeguards, including the European Commission's Standard Contractual Clauses (Decision 2021/914/EU), the UK International Data Transfer Addendum, transfer impact assessments, supplementary technical measures (such as encryption in transit and at rest), and provider due diligence. A copy of the applicable safeguards is available at privacy@capsulezero.com.
For transfers from Argentina, we comply with the international-transfer rules under Ley 25.326 and the requirements of the Agencia de Acceso a la Información Pública (AAIP).
10. Cookies, Tracking, and Online Identifiers
We use cookies, local storage, device identifiers, SDKs, pixels, and similar technologies ("cookies") for necessary site operation, session management, language preference, security, analytics, product improvement, and (where enabled with consent) marketing.
- Strictly necessary cookies support login, security, routing, language, and core app behavior. They cannot be switched off via the cookie banner.
- Preference cookies remember settings such as language, cookie choices, and dashboard layout.
- Analytics and performance cookies help us understand product usage and diagnose issues; we use these subject to consent in jurisdictions where consent is required for non-essential cookies.
- Marketing cookies, if introduced, are subject to consent, an opt-out mechanism (including Global Privacy Control signals where required), and the right to withdraw consent.
Where required by law (for example, in the EEA/UK under the ePrivacy Directive and PECR), we ask for consent before placing non-essential cookies and we let you change your choices through the in-product cookie preferences. You can also control cookies through your browser or device settings. Blocking strictly necessary cookies may break login, language switching, and other core features.
11. Retention Periods
We keep personal data only as long as reasonably necessary to fulfill the purposes described in this Policy, unless a longer period is required or permitted by law (for example, accounting, tax, anti-money-laundering, fraud-prevention, or dispute-resolution obligations).
| Data | Retention period |
|---|---|
| Account and profile data | For the life of your account. After account closure, we delete or anonymize active records within 30 days, subject to encrypted backup rotation that completes within an additional 90 days. |
| Wardrobe photos and item data | Until you delete them or close your account. Soft-deleted assets are purged from active systems within 30 days. |
| Coin ledger, invoices, tax, refund, and payment records | Up to 10 years from the relevant transaction, in line with Argentine accounting and tax requirements (Código Civil y Comercial, AFIP) and equivalent obligations in other jurisdictions. |
| Security logs and technical logs | Typically up to 12 months. Logs related to a security incident, abuse case, or legal claim may be retained for longer. |
| Support and legal requests | Up to 5 years from the closure of the request, longer where needed to handle disputes or comply with legal-hold notices. |
| Content moderation records | Up to 5 years, in line with EU Digital Services Act recordkeeping expectations. |
12. Security Measures
We use reasonable technical and organizational measures designed to protect personal data, taking into account the state of the art, the cost of implementation, the nature, scope, and purposes of processing, and the risks to your rights and freedoms. Measures include:
- encryption in transit (TLS 1.2 or higher) and encryption at rest for personal data and uploaded media;
- row-level security and granular access controls on our database and storage layer;
- principle-of-least-privilege access management for staff, with role-based access controls and audit logging;
- subprocessor due diligence and contractual data-protection commitments;
- logging, monitoring, and alerting on security events;
- private storage rules separating private wardrobe assets from public catalog assets;
- secret rotation, secure software-development practices, and dependency monitoring;
- documented incident-response and breach-notification procedures.
No online service is fully secure. You are responsible for keeping your credentials private, using strong passwords and (where available) multi-factor authentication, securing your devices, and promptly notifying support@capsulezero.com if you believe your account has been compromised.
13. Your Privacy Rights
Depending on where you live, you have rights regarding your personal data. These typically include:
- access to the personal data we hold about you;
- rectification of inaccurate or incomplete personal data;
- deletion or erasure of personal data, subject to legal-retention exceptions;
- portability of personal data you provided to us, in a structured, machine-readable format, where applicable;
- restriction of processing in certain situations;
- objection to processing based on our legitimate interests, including objection to direct marketing at any time;
- withdrawal of consent at any time where we relied on consent;
- the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects;
- the right to lodge a complaint with a supervisory authority.
To exercise any of these rights, contact privacy@capsulezero.com or use the in-product privacy controls where available. We may need to verify your identity and account ownership before responding. We will respond within the timeframes required by applicable law (generally within 30 days in the EEA/UK, extendable by up to 60 days where the request is complex).
We will not discriminate against you for exercising your privacy rights. Note, however, that deleting or restricting essential personal data may make some features unavailable or may require us to close your account.
14. Automated Decision-Making and Profiling
We do not make decisions about you that produce legal effects or similarly significant effects on you solely through automated processing within the meaning of Article 22 of the EU GDPR. We do use automated processing for content classification, recommendation ranking, semantic-search ordering, fraud-screening signals, and content moderation triage. You can request human review of any automated content-moderation decision that materially affects you by contacting support@capsulezero.com.
15. Data Breach Notification
We maintain incident-response procedures designed to detect, investigate, and respond to personal-data breaches. Where a personal-data breach is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and, where the risk is high, we will also notify affected users without undue delay, in accordance with applicable law (including Articles 33–34 of the EU GDPR and equivalent rules under Argentine Ley 25.326, U.S. state breach-notification laws, and Brazilian LGPD).
16. Regional Notices
European Economic Area, United Kingdom, and Switzerland. The data controller is Capsule Zero S.A.S.. Processing of personal data is carried out in accordance with the EU GDPR, the UK GDPR, the UK Data Protection Act 2018, and the Swiss Federal Act on Data Protection. You may contact our Data Protection Officer at dpo@capsulezero.com and you have the right to lodge a complaint with your national supervisory authority. Our EU and UK representatives are listed at capsulezero.com/privacy-policy.
Argentina. Processing is carried out in accordance with Ley 25.326 and its implementing rules. The competent supervisory authority is the Agencia de Acceso a la Información Pública (AAIP). You may exercise your rights of access, rectification, suppression, and update by contacting privacy@capsulezero.com.
Brazil. Processing is carried out in accordance with Lei Geral de Proteção de Dados (LGPD). Our data-protection officer (encarregado) can be reached at dpo@capsulezero.com. The competent supervisory authority is the Autoridade Nacional de Proteção de Dados (ANPD).
United States. If you are a resident of California, Virginia, Colorado, Connecticut, Utah, Texas, or another U.S. state that has enacted a comprehensive consumer-privacy law, you may have additional rights, including the right to know what categories and specific pieces of personal data we hold about you, the right to delete personal data, the right to correct inaccurate personal data, the right to portability, the right to limit the use of sensitive personal information, and the right to opt out of "sale" or "sharing" of personal data. Capsule Zero does not sell personal data and does not engage in cross-context behavioral advertising. To exercise your U.S. state privacy rights, contact privacy@capsulezero.com. We will not discriminate against you for exercising these rights. We honor Global Privacy Control signals where required.
Other jurisdictions. If you live in another jurisdiction with applicable privacy rules (for example, Canada (PIPEDA, Quebec Law 25), Australia (Privacy Act), South Africa (POPIA), or similar), please contact us at privacy@capsulezero.com to exercise your rights.
17. Children and Minors
Capsule Zero is not intended for children under 16, and is not directed at children under 13 in any jurisdiction. We do not knowingly collect personal data from anyone below the applicable digital-consent age. If you believe a child has provided personal data to us, contact privacy@capsulezero.com so that we can review and, where appropriate, delete the account and associated data.
18. Third-Party Links
The Service contains links to marketplaces, brands, social networks, app stores, payment providers, support tools, and other third-party websites and services. We are not responsible for their privacy practices. Review their privacy notices before sharing personal data or making purchases.
19. Changes to This Policy
We may update this Policy from time to time to reflect changes in the Service, in applicable law, or in our subprocessors. If a change is material, we will provide notice through the Service, by email, or by another reasonable method, and we will update the "Last updated" and "Effective" dates above. The updated Policy applies from the new effective date unless the notice says otherwise.
20. How to Contact Us
Data controller: Capsule Zero S.A.S.. Registered office: Ciudad Autónoma de Buenos Aires, Argentina. Privacy contact: privacy@capsulezero.com. Data Protection Officer: dpo@capsulezero.com. Legal contact: legal@capsulezero.com. Support: support@capsulezero.com.